Database abstraction layer

Drupal provides a slim database abstraction layer to provide developers with
the ability to support multiple database servers easily. The intent of this
layer is to preserve the syntax and power of SQL as much as possible, while
letting Drupal control the pieces of queries that need to be written
differently for different servers and provide basic security checks.

Most Drupal database queries are performed by a call to db_query() or
db_query_range(). Module authors should also consider using pager_query() for
queries that return results that need to be presented on multiple pages, and
tablesort_sql() for generating appropriate queries for sortable tables.

For example, one might wish to return a list of the most recent 10 nodes
authored by a given user. Instead of directly issuing the SQL query

Curly braces are used around "node" to provide table prefixing via
db_prefix_tables(). The explicit use of a user ID is pulled out into an
argument passed to db_query() so that SQL injection attacks from user input
can be caught and nullified. The LIMIT syntax varies between database servers,
so that is abstracted into db_query_range() arguments. Finally, note the
common pattern of iterating over the result set using db_fetch_object().